Tag Archives: Data Protection Act

Way back in August I made a complaint to the Data Protection Officer of the SNP and received a response from Patrick Grady, now Patrick Grady MP, stating that my complaint would be responded to “within the prescribed timescales”.

On 8th October 2015 this was referred to the Office of the Information Commissioner, where I stated that “Having repeatedly contacted Mr Patrick Grady regarding the above issue, beyond the initial acknowledgement I have been given no response, update or indication that any investigation has taken place for a period of almost 3 months.”

In November 2015 I was contacted by the Office of the Information Commissioner, stating that they had now contacted the SNP and had given them 30 days to respond.

On 22nd December 2015, on the final day of the ultimatum, the SNP responded, and as the offices of the Information Commission were closed over the holidays there was a short delay in passing on the response.

I was disappointed in the response in way and contacted the Case Officer for clarification. While I fully expected the SNP to find itself “not guilty” as regards the possible Data Protection breach, I was surprised that the flagrant disregard to responding to legitimate concerns by the party was not taken more seriously. I was told that unfortunately as (unlike a subject access request) there is no prescribed timescale in place for such a request there was little that could be done, although I do not that my concerns will be kept on file to help build a picture of the SNP’s information rights practices. It was also remarked that the SNP’s behaviour could be described as “not best customer practice“.

The SNP’s code of silence and stonewalling will only carry it so far. The gagging of MP’s and councillors such as Phil Boswell MP over tax issues or Sophia Coyle over homophobic comments will only work so long as we the public allow it to work. I’d recommend that anyone with concerns about the SNP’s data protection practices should do something about it. Be prepared for it to take some time though. The fact that in this case the SNP were only willing to respond after being forced to by the watchdog speaks volumes for how they treat our rights to be treated fairly. Every time I hear Nicola Sturgeon speak about fairness or transparency the phrase which comes to mind is ‘You hypocrite…’

It is now three whole months since I submitted a Data Protection Complaint to SNP headquarters in Edinburgh, a copy of which was sent to Nicola Sturgeon. Apart from the initial acknowledgement from Patrick Grady I have received no correspondence to update me on the progress (or lack of) the promised investigation.

My complaint was referred to the Information Commissioners Office and the SNP’s complete disregard for their responsibilities under the Data Protection Act are now being investigated by them.

In your letter of 02/09/15 you acknowledged my Data Protection request and stated that you would respond within the prescribed timescales.

I am aware that a subject data request must be dealt with within 40 days; however my letter was not a subject data request, but a complaint about a possible Data Protection breach. As such I am unaware of any prescribed timetable in which a complaint should be dealt with, indeed the Data Protection Act website states “it is very hard to say in advance how long each (investigation) will take”.

I do hope that you can update me as soon as possible about your progress, and that I am not being made wait 40 days and 40 nights before being deigned with your next response.